I made changes for the following actions
ACTION-615
I made a new reference [XMLDSIG-XPATH] which points to http://www.w3.org/TR/2010/WD-xmldsig-xpath/ (Note: this location does not resolve to anything till we publish it)
ACTION-626
I removed <DigestData> completely
ACTION-627
I added this section. See http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-20/Overview.html#sec-Verification-2.0
<dsig2:PositionAssertion> is used to enable ID-based referencing that is more resistant to signature wrapping attacks. It contains an XPath expression that has to match the referenced content's position in the document. This way, instead of "selecting" the referenced element via XPath we just "verify" its position (which then is way more flexible in terms of what is really enforced), but stick to ID-based referencing in selection. The good thing about this approach is that implementations could simply ignore this verification assertion and rely solely on the ID-based referencing at the risk of being vulnerable to signature wrapping.
Pratik